I'm not all that happy with the GPG trust model.
For example, there's the case of ssh host keys. In general, I
understand which people ought to be signing which host keys; and
something claiming to be a host key for a particular host which is
signed by the wrong person is going to be somewhat suspect.
And if only the owner of a host signs that host's key, then it's going
to be awefully tempting to just tell GPG that I always trust that
person to sign keys.
There's also the problem of people who cross-sign their own keys. I'm
willing to trust cross signed keys somewhat morethan I'm willing to
trust a key to sign other people's keys in some cases, and GPG doesn't
give me an easy way to express that.
Yes, I can lsign keys as needed, but that feels ugly. And it doesn't
help me very much if I copy only my public keyring from one host to
another, so that I can verify signatures on a machine which I don't
happen to need my private key on.
I'd really like something for which the algorithm for deciding whether
to trust a key is to show me the trust path to that key, and then let
me decide whether I trust that key based on that.